Many valuable documents, such as, without limitation, bank notes, checks, and identification documents, are produced and distributed in paper form. Unfortunately, various technologies are now readily available for making high-quality copies of such documents. For example, there are many image capture systems such as CCD cameras, drum scanners, flatbed scanners and other capture/scanning systems that are readily available and that provide excellent reproduction accuracy and precision. Furthermore, very accurate and precise monochrome and color printing systems are readily available for high quality printing of documents, including documents created with the image capture systems just described. As a result, unauthorized copying and counterfeiting of valuable documents as described above is a serious concern.
Several types of physical document copy detection systems are known. One such copy detection system employs what is known as a copy detection pattern (CDP), which consists of an area, such as a rectangular or other shaped area, filled with pixels of random gray levels that is placed in a particular region of a document reserved for that purpose. For example, it is known to generate a CDP by first encrypting a data stream comprising a raster of an image taken from the document to be protected, such as, without limitation, a bar code, using an encryption key to produce an encrypted raster image data stream (the digital CDP), and then printing the resulting image (the analog CDP) based on the encrypted raster image data stream as part of the document in question. Documents containing CDPs are authenticated by capturing (e.g., scanning) the CDP from the document in question and comparing the captured CDP to the original CDP (which is either stored during the creation process for later use in verification or is regenerated during the verification process using the appropriate key and appropriate data from the document).
Unauthorized copies of documents are typically made by either copying the original document or by scanning and reprinting the original document. Copy detection systems employing CDPs rely on the lossy transformations presented by the physical mechanisms involved with making an unauthorized copy in the manners just described. For example, in a scanning and printing process, even the most technologically advanced hardware systems will introduce some distortion or error into the process. Specifically, in a scanning or similar image capture process, a typical scanner grid is usually not aligned exactly on the printed grid of the scanned document. As a result, the scanning process will usually scan a mix of two to four pixels of the original document thereby mixing the gray levels of those pixels. Printing and copying technologies similarly introduce error. For example, in an ink jet printing system, ink usually spreads from the intended pixel to neighboring pixels, and in a thermal printing process, thermal history and neighbor heat effects typically cause a mixing of gray levels among neighboring pixels.
As noted above, documents containing CDPs are authenticated by comparing the CDP captured from the document to the original, “expected” CDP to determine whether they are sufficiently similar to consider the CDP authentic (typically, a determination is made as to whether a certain level of correlation between the two exists). In the case of an authentic CDP, the CDP will have been printed once (when the document was originally created) and scanned once (during the verification process). These steps will result in a certain expected threshold amount of loss/alteration (as compared to the original, digital CDP) that will be considered tolerable in the verification process. However, in the case of an unauthorized copy, the CDP will have undergone the same printing and scanning steps just described (i.e., when the document was created and during the verification process), but will also have undergone additional scanning and printing or copying steps in between those steps. These additional scanning and printing or copying steps will introduce additional losses/alterations (i.e., more than the expected threshold amount of loss that will be considered tolerable). Thus, if in the verification process a certain minimum level of correlation between the two CDPs is detected (corresponding to less than or equal to the threshold loss/alteration just described), then the CDP will be considered to be authentic, and if less than the minimum level of correlation between the two CDPs is detected (corresponding to more than the threshold loss/alteration just described), then the CDP will be considered to be an unauthorized copy.
One problem that exists with current systems that employ CDPs is that when a computer system prints a document with a CDP using an off-the-shelf printer, as is often the case, a user on the computer system has the opportunity to capture the print stream and reprint the document with the CDP. Another problem is that the key used to generate the CDPs is often exposed on the computer system and therefore subject to being compromised.